Half of US firms on IoT network say they have experienced a security breach

Nearly half of US firms using an Internet of Things (IoT) network have been hit by a recent security breach, according to a study from strategy consulting provider Altman Vilandrie & Company.

The research, conducted in April 2017, evaluated about 400 IT executives across 19 industries that have purchased some form of IoT security solution and found that 48% of the firms have experienced at least one security breach.

The cost of the breaches amounted to 13.4% of the total revenues for companies having annual revenues less than $5 million. For the firms having annual revenues of above $2 billion, the estimated potential cost of one IoT breach stood at more than $20 million.

The survey also noted that companies who had not experienced a security breach have invested 65% more on IoT security. Provider reputation and product quality were of higher importance when choosing these security solutions. Of the participants, 68% considered IoT as a distinct category but only 43% had a dedicated budget for it. IoT security decisions were found to be centralised organisation-wide in 74% of the firms, in spite of separate business units having different needs. After “preventing loss of control over IoT devices”, traditional cybersecurity concerns such as “preventing breaches of customer information” and “preventing breaches of company data” were ranked as the next most important reasons to adopt IoT security.

Elsewhere, the Ponemon Institute surveyed 553 individuals in industries across various sectors and reported a general lack of oversight in IoT security implementation and lack of preparedness and inter-departmental communication, even among those companies that had a considerable part to lose on IoT’s failure. As per the findings, there was a gap in understanding mitigation of the security risks especially those related to third parties. It noted a dependence on legacy technologies and governance practices to address potential threats.